General

  • Target

    2bc2c0762e4a544ecc99953e30c326286e8ec253d73f18b6a678471edfa389c1

  • Size

    51KB

  • Sample

    240623-2ndneawbna

  • MD5

    d7b158aff0fde092613c16c021181fe1

  • SHA1

    f8b4698abadd248855628862b5dff6b2e293d54d

  • SHA256

    2bc2c0762e4a544ecc99953e30c326286e8ec253d73f18b6a678471edfa389c1

  • SHA512

    f87a82f26cdafa0c905a53b7def0dce9e4030cbe0a96b65e402a9adb74e12ebc474cd9d2396d715c4db5d7b64296db847347833073d7771d31fa44a72987c739

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLxJYH5:1dWubF3n9S91BF3fbotJYH5

Score
10/10

Malware Config

Extracted

  • Family

    gh0strat

  • C2

    kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
